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ABSTRACT 



A method, and associated apparatus, of providing a com- 
munication station with anonymous access to a communi- 
cation network to communicate data therein. Access is 
provided to the communication station only after authenti- 
cating that the communication station is authorized to com- 
municate in the network, but access is provided without 
individually identifying the communication station to the 
network with a permanent identifier unique to the commu- 
nication station. 

32 Claims, 2 Drawing Sheets 
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METHOD AND APPARATUS FOR the capability of communicating packet data, such as the 

PROVIDING ANONYMOUS DATA aforementioned General Packet Radio Service (GPRS). 

TRANSFER IN A COMMUNICATION Infonnation which is to be transmitted between a sending 

SYSTEM and receiving station is formed into discrete packets of data. 

s Individual ones of the packets can be sent on a communi- 

The present invention relates generally to the transmis- «*» fro ™ « hc sadoa . to J 1 ? "*eiving 

sicm of data, such as packet data transmitted in a commu- M * e 1 f ? fom " t ? on ^ conitt^mca^ by way of 

„. h . -—j JuL- m „v.. r.Ai* <~^t~* discrete packets, the sending station utilizes the channel only 

mcauon system providmg packet radio services or circuit- during t0 scnd the discrete packets, 

switched data transmitted in a communication system TheXnnel is ty^caUy! Aerefore. a shared channelled by 

providing circuit-switched communications. More w a rf < "J. stations. 

particularly, the present invention relates to a imethod. and Bccausc ^ M Mture of ^ a $hared channeU a 
associated apparatus for implementing the method, for pro- ^ rf ^ to ^ ^^u^ by a station might 
vidmgacommumcattop station with anonymous access to a have to te qneued ^ ^ d^g, becomes avail- 
communication network which forms a portion of the com- able Howeva . me ch^e. fe shared, the 
municaaon system. While anonymous access to the network is costs of transmitting data on a shared channel can be shared 
is provided, such access is permitted only afta authentic*!- ^ users as a dedicated commumcation channel 
ing that the commumcation station is authorized to commu- nced not ^ to ^ sending to effectuate 
nicate with the network. Once the anonymous access is ^,^^011 of the packet Communications effectuated 
provided, communication of data between me commu nica- via me mi comimmicatioils pursuant to paging 

» ° J!"" 1 * corre ^ c " dent « bty » P™»*«». 20 networks are also exemplary of commumcation systems 

identifying the communication station to the c«nmunication wnjcfa ^ use of ^ transmission of packet data, 

network by a permanent unique dentiner. The aforementioned, GSM digital cellular communica- 

Beou.se the communication station ^ provided anony- tion netwQrk ^ ^ ofTcellular communication 

mous access to the network ^ comrnumcat™. of data to or for wnicn the introduction of GPRS has been pro- 

from *e communication station ,s effectuated without 23 ^ ^ ^ mcrefor have been promul- 

comnmmcation staUon be uniquely GSJ £Xbile stations constructed corresponding to 

identified 1 wtfh a permanent identifier unique to the commu- f uch m ^ w ^^cate packed vUfte 

mention station. The particular communication station and q$m network. 

the user thereof remains anonymous. The present invention J 1 . . . , . . . . . 

can be used, for example, to provide a mobile station with 30 . Au ^^^^ S ^ C ^T^cx? ST t 

anonymous access to packet radio services, such as the *W a GSM mobfl^estonon wiih^xes^ to me GSM network 

General Packet Radio Service (GPRS) proposed to be stan- to commimicatethcrem. S^^^^ 011 Procedures 

dardized in the Global System for Mobile cornmiuucauon are promulgated in the GSM standards. An exemplary 

(GSM) tdeconnmuueations system standard. Authentication ^^^l™*™ 1^°^ ^ * ^ 

L performed to ensure that fee nwbfle stance is authc^ 35 Pat No. 5^2.250 assigned to the assignee ofthej^ent 

to conmiiimcate with the network invention. The contents thereof are hereby incorporated by 

reference herein. 

BACKGROUND OF THE INVENTION Authentication procedures are performed to ensure that 

the mobile station is authorized to communicate in the 
Advancements in the fields of electronics and communi- ^ system other cellular telephone, and other radio telecom- 
cations have permitted the introduction and commercializa- municatton systems utilize analogous authentication proce- 
tion of many new types of communication systems. Infor- dures for similar reasons. 

mation can be affordable co mmunic ated to locations and in As part of the authentication procedure in the GSM 

manners previously not possible or affordable. communication system, an international Mobile Subscriber 

The field of cellular telephony is exemplary of a commu- ^ identity (IMSI) which permanently and uniquely identifies 
nication system that has been made possible due to such the mobile station, or at least the paty to whom communi- 
advan cements. Communication pursuant to a cellular cations provided pursuant to the network are to be billed, is 
telephone, or other radio tdecommuni cation system, is provided to the network. Responsive to such provided 
advantageous as a fixed, wireline connection is not required identity, the authentication procedure authenticates that the 
between a sending station and a receiving station to permit ^ mobile station is authorized to coimnunicate via the net- 
communications to be effectuated therebetween. A cellular work. By providing the IMSI to the network, the identity of 
telephone, or other radio telecommumcation system is there- the user necessarily is provided to the network, 
fore particularly advantageous to effectuate communications Several proposals have been set forth of oomrxuimcatioi 
when the use of fixed or hard-wired connections to effectuate applications which utilize GPRS provided pursuant to the 
conununicadons would be inconvenient or impractical. 33 G SM network. Such applications might siiriilariy be pro- 
Some conventional communications pursuant to a cellular yf ^ pursuant to other types of cellular, or other, commu- 
communication system are sometimes referred to as circuit- nication systems. Such proposals can be implemented in a 
switched communications as data is transmitted upon chan- GSM. mobile station which also permits conventional, 
nels and circuit paths dedicated during the cornrnunication to circuit-switched (e.g.. conventional voice-telephonic) com- 
a particular sending and receiving station pair. ^ m unications or, in some proposed applications, in a mobile 

Continued advancements in the field of cellular telephony, station which merely provides for packet data communica- 

as well as other types of radio telecommuaications, have tion. Depending upon the communication system in which 

permitted the introductions of new services and new forms the mobile station is operable, the term mobile station is 

of cornrnunication pursuant to already-installed cellular, and used to refer to a device which permits only circuit-switched 

other radio telecommu nication. networks. 65 communications, only GPRS ccanmiini cations, or at least 

For instance, proposals have been set forth to provide both GPRS communications and circuit- switched commu- 

existing cellular, and other communication networks, with nications. 
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Existing authentication procedures used prior to granting The teachings of the present invention can be advanta- 

acccss of the mobile station to the communication network geously utilized to provide anonymous access to generalized 

require that the IMSL or other permanent unique identifier, packet radio services proposed as part of the GSM digital 

be provided to the network. Such a need to identify the cellular communication system. Access of the mobile station 

terminal with its IMSL or other permanent, unique identifier, 5 to the GSM network, thereby to provide the mobile station 

would prohibit implementation of certain of such proposed with generalized packet radio services, is provided without 

applications. In several of such proposed applications, pri- requiring that the mobile station provide the network with 

vacy rights of the users of the mobile stations would be the mobile station's International Mobile Subscriber Identity 

adversely affected. (MSI). Instead, the mobile station provides the GSM net- 

An exemplary application which has been proposed is a io work with an International Mobile Group identity (IMGI). 

(raffic3S^OB in which v^hicutar^ted, The mobile station can thereby be ^c^^tonga 

mobile stations se^positional directional and speed infor- member of a ^group of anonymo^rnobile stations authorized 

mation to a traffic cottol center. Responsive to such infor- to be provided with packetradio scrvicrs^ervices are 

mttion cwep* to the traffic counter by a plurality provided, thereby, to the mobile statxon without requiring 

oneWcular-mounted mobile stations, traffic control opera- * that the IMSI of the mobile station be provided to the 

tions can be implemented to alleviate traffic congestion, network. 

when necessary. h another aspect of the invention, the mobile station is 

Another exemplary application which has been proposed provided anonymous access to the coruscation network 

is ^Tutoma^Sg apptic^tion in which passage of to permit the transfer of circuit-switched data therethrough, 

automotive vehicles through an automotive toll gate, or 20 In one embodiment, the mobile station permits packet 

tolling point, are provided to a tolling control center. radio services only to be provided. Id another embodiment, 

Vehicular-mounted mobile stations transmit signals to a the mobile station forms a portion of a mobile station which 

tolling control center when passing through the automotive permits circuit-switched telecommunications, such as those 

toll gate. provided In a conventional cellular communication system. 

To permit such applications, as well as others, to be 25 And, in another embodiment, the mobile station permits 

implemented without adversely affecting the privacy rights bom circuit-switched communications and packet data com- 

of users of the mobile stations, anonymous access by the munications. 

mobile station to the network is required. But, there is still The use of an anonymous mobile station identity for 

a need to authenticate the mobile station to prevent non- GPRS anonymous access containing an operator specific 

authorized use of the network. group identity and a random number to provide a unique 

What is needed, therefore, is a manner by which to identity has been proposed in ETSI Tdoc SMG3 95G096. 
provide a mobile station with anonymous access to a com- However, no solution for providing an anonymous access 
munication network of a communication system, thereby to service is presented in the document 
permit the mobile station to communicate data in a com- 35 In one exeirrolaryiniplemeiitation,^ 
munication system while also providing a manner by which utilized to initiate packet data transmission in a traffic 
to authenticate the mobile station prior to providing the telematic application, for example, to provide a traffic con- 
mobile station with such anonymous access to the system. trol center with vehicular traffic information. In such an 

It is in light of this background information related to the application, anonymity of communications is required for 

coininunicationofd^matme^ 40 P rivac y rcas° ns * Mobilc stations positioned upon 

the present invention have evolved. vehicles and send packet data representative of, e.g., 

positional, directional, and speed information related to the 

SUMMARY OF THE INVENTION position of the vehicles upon which the mobile stations are 

THe present iavention advantagco^iy^ a J^S^^St-S 

and associated apparatus for implementing the method, of as 0 P eral t Dns °f JT „ „' - 

p^o^ngTconScation station with JLymous access operation <° aUeviate co^or^ ^ 

toVcomLnication network of a communication system to anonymous access gran^ tomemobtle stataoa. Aepnvacy 

"»"^""" , of the user or owner of the vehicle in which the mobile 

communicate data in the communication system. Access is . " , . , . ... . 

provided to the communication station only after authenti- station is positioned is maintained, 

eating that the communication station is authorized to com- 30 In another exemplary application, the present invention is 

municate in the network, but access is provided without utilized in an automatic tolling application. Vehicular- 

mdividuaUy identifying the communication station to the mounted mobile stations transmit signals when passing 

network wife a permanent identifier unique to the commu- through an automotive toll gate. Indications of such signals 

nication station are forwarded on to a tolling control center, such as by way 

tooneas 1 >cctofmepresenttovention.mec^ » of a GSM communication network. This permits toll fees to 

station comprises a mobile station operable in a communi- be paid electronically. e.g.. based upon coding of a smart 

ca^on sVsXwhich provides packetradio service, such as card. The mobile station is granted access to the 

GPRS, permitting transfer of packet data between the network such mat, to the network, the identity of the mobile 

mobile station and a correspondent entity. The mobile sta- station is anonymous. Indications of the mobile station s 

tion is provided with anonymous access to the communica- 60 permanent ^J^^^ ^^TZ^J 

don network. The mobile station is authenticated as being a payment method, be provided to the tolhng ^nfrd center 

member ofa group of mobile stations permitted to utilize the but ma manner which is transparent to the commum^ion 

communication network prior to granting the mobile station network. Viz.. the permanent identity of thcmobile stauon 

access to the network. Thereby, the mobile station is authen- remains unknown to the communication network, 
ticated without requiring that a permanent, unique identifier 65 Other traffic telematic applications, as well as other 
of the mobile station be used to authenticate the mobile applications, can similarly embody the teachings of the 

station, present invention to provide a communication station anony- 



03/26/2002, EAST Version: 1.03.0002 



5,729,537 

5 6 

mous access to a communication network while also authen- permits the mobile station 12 to communicate by way of the 
ticating the communication station to ensure mat the com- communication network 14 with a remotely-positioned 

mimication station is authorized to communicate with the device, here a correspondent entity 16, without identifying 

communication system. the mobile station 12 with a permanent identifier which 

The teachings of the present invention, therefore, can also 5 uniquely identifies the mobile station. While, for purposes of 

be advantageously utilized in a communication system to illustration, a single mobile station 12 is illustrated, a 
provide anonymous access to permit the communication of plurality of mobile stations are able to communicate by way 

the circuit-switched data. of the communication network 14. The mobile station 12 is 

In these and other aspects, therefore, a method, and one of a group of mobile stations, each mobile station of the 

associated apparatus, for initiating data transmission in a 10 <»mmonly-identified with a group identifier, 

communication system is disclosed. A communication net- In one embodiment of the present invention, the mobile 

work effectuates communication between at least a first station 12 permits the communication of packet data. In 

communication station and a correspondent entity. The first another embodiment of the present invention, the mobile 

communication station is a group-identified communication station 12 permits the communication of circuit-switched 

station of a group of group-identified communication sta- data. And in another embodiment of the present invention, 

tions. Each group-identified communication station of the the mobile station 12 permits the communication of at least 

group is identified by a group identifier. The data transmis- both packet data and circuit-switched data. In the exemplary 

sion is initiated without individually identifying the first embodiment illustrated in the Figure, the mobile station 12 

communication station with a permanent identifier unique to is operable to communicate packet data by way of the 

the first communication station. A group identifier signal is 20 communication network 14, here fanning a GPRS commu- 

provided to the communication network. The group identi- nication network. 

fier signal is of a value representative of at least the group The mobile station 12 includes, inter aha, both transmitter 

identifier. At least a first network coded signal and a second circuitry 18 and receiver circuitry 22. Operation of the 

network-coded signal are formed responsive, at least in part, transmitter and receiver circuitry 18 and 22 is controlled by 

to the group identifier signal provided to the communication 25 processing circuitry, here identified as a controller 24. The 

network. The second network-coded signal is then sent to controller 24 is coupled to the transmitter and receiver 

the first communication station. A first station-coded signal circuitry 18 and 22 by way of lines 26 and 28, respectively, 

is formed at the first communication station responsive to The controller is further coupled to a memory device 32 by 

reception of the second network-coded signal. The first way of lines 34. In the exemplary embodiment in which the 

network-coded signal is then compared with the first station- ^° communication system 19 comprises a GSM communica- 

coded signal. Then, authorization of initiation of transmis- tion system, the transmitter and receiver circuitry are respec- 

sion of the data between the first communication station and tively operable to transmit and to receive TDMA, GMSK- 

the communication network is authorized responsive to such modulated signals. In other embodiments, of course, the 

comparisons. circuitry of the mobile station 12 is operable to generate and 

A more complete appreciation of the present invention 35 to receive other types of communication signals, modulated 

and the scope thereof can be obtained from the accompa- in other manners and in other communication schemes, 

nying drawings which are briefly summarized below, the A Subscriber Identity Module (SIM) card 36 is positioned 

following detailed description of the presently-preferred at the mobile station 12 and includes a memory element 38. 

ejnbc<hments of the invention, and the appended claims. The SIM card 36 is coupled to the circuitry of the mobile 

BRIEF DESCRIPTION OF THE DRAWINGS " f 12 'Z^^^JT^^ Of**? 2f 

i/ujuiunivnvi ^^lt,xi^^ lines 42 connecting the SIM card 36 with the controller 24. 

FIG. 1 illustrates a functional block diagram of an exem- The memory element 38 includes storage locations for 

plary cornmunication system in which an embodiment of the storing an International Mobile Group Identity (IMGI) 44, 

present invention is operable to form a portion thereof. ^ ^ authentication key (K,) 46, and, optionally, one or more 

FIG. 2 illustrates a partial functional block, partial sche- destination address. Here, a single Internet protocol address 

matic illustration of an exemplary application in which an (IP) 48 is illustrated. In one embodiment the memory 

embodiment of the present invention is utilized to provide element 38 of the SIM card 36 may further include addi- 

vehicular traffic information to a control center. tional storage locations for storing other information, such 

FIG. 3 illustrates a partial functional block, partial sche- 30 «s 311 International Mobile Subscriber Identity (IMSI), and 

matic illustration of another exemplary application in which an associated authentication key. Kj. conventionally utilized 

an embodiment of the present invention is utilized to auto- e.g., in an authentication procedure pursuant to conventional 

matically toll the passage of vehicular traffic at a vehicular tdecommunication by way of the mobile station 12. Uplink 

toll gate. signals generated during operation of the mobile station 12 

FIG. 4 illustrates a flow diagram listing the method steps 55 arc formed by the transmitter circuitry 18 and transduced by 

of an embodiment of the present invention. an antenna 52. Signals transmitted to the mobile station 12 

are detected by the antenna 52. transduced thereat and 

DETAILED DESCRIPTION applied to the receiver circuitry 22. all in conventional 

Referring first to FIG. 1. an exemplary cornmunication manner, 
system* shown generally at 1*. provides anonymous access 60 The cornmunication network 14 receives uplink signals 
of a mobile station 12 to a communication network 14. The 54 generated by the mobile station 12 and transmits down- 
communication system 10 here forms a GSM communica- link signals 56 to the mobile station 12. The communication 
tion system, the mobile station 12 forms a GSM mobile network 14 includes, inter alia, a base station (BTS) 62. 
station, and the communication network includes a GSM operable in conventional manner to transceive the uplink 
infrastructure network. 65 and downlink signals 54 and 56 by way of an antenna 

The anonymous access provided to the mobile station 12 transducer 64. The base station transceiver 62 is coupled to 

during operation of an emfxxliment of the present invention a base station controller (BSC) 66 by way of lines 68 in 
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conventional manner and, the base station controller 66 is understood, of course, that appropriate modifications can be 

coupled, in turn, to a mobile services switching center made to the following description of operation for the 

(MSQ 72 by way of lines 74. A visitor location register communication of circuit-switched data rather than packet 

(VLR) is positioned at the mobile services switching center, data and for the communication of data in other communi- 

together referenced as an MSC/VLR. The mobile switching 5 cation systems. 

center 72 and the VLR located thereat, is coupled, in Although access of the mobile station 12 to permit the 
conventional fashion, here indicated by lines 76 to a home communication of data anonymously and transparently 
location register (HLR) 78. between the mobile station 12 and a correspondent entity 16, 
The HLR 78 is coupled to a general packet radio service the mobile station 12 must be authenticated to ensure that the 
(GPRS) register 82 and to an aumentication center (AUC) "> mobile station 12 should be permitted such access tocom- 
84 by way of lines of 86 and 88, respectively. In one municate byway of the communication network 14. Opera- 
embodiment of the present invention, the GPRS register 82 lion of the present invention, while permitting anonymous 
and the AUC 84 are located together with the HLR 78; such access of the mobile station to communicate by way of the 
an embodiment is indicated by the block 92, shown in dash. communication network 14, ensures that the mobile station 
A storage location 93 coupled to the GPRS register 82 stores 15 is authorized to communicate therein. In an embodiment of 
a value of an IP address analogous to the IP address 48. the present invention, two-way communicatioD between fee 

The authentication center 84 includes storage locations m ^^ n " Md ^T!™^ ^ 

for spring group identities, including the toternational Pitted all while preserving meanonyjmty of the mobile 

Mobile Gfou^ntity (IMGI) 94 and authentication key ^ Nation in the conm^cahon network * 

0Q 96, cor^ndiiig to the IMGI and K, 44 and 46 stored 20 Acknowledged logical link operation is employed m order 

at the SIM card 36 at the mobile station 12. Processing to provide reliable transmission across an air interface in a 

circuitry of the AUC 84 generate a random number, RAND manner analogous to operation utilized m conventional 

98 The value of the RAND 98 is stored at a storage location GPRS point-to-point transmissions. And, in the exemplary 

of the communication network. In a GPRS context the ^ embodiment, the GPRS service is assumed to be based upon 

RAND 98 is stored in a GPRS register, or elsewhere, as 25 an Internet protocol (IP) forming the networklayer protocoL 

appropriate. Processing circuitry of the AUC 84 is operable Other protocols, such as a conventional CLNP or X.25 

to «ccute an algorithm responsive to values of the RAND protocol, can be supported in other embahments. Such 

98 and IC 96 to form a signed response (SRES) value. assumptions are made merely for describing the exemplary 

indicated Iby SRES 1«. A ciphering key (KJ 102 is also ^ embodiment of FIG. L In other embodiments, other types of 

calculated by an algorithm, responsive to values of the 30 operation and other types of protocols can instead be uti- 

RAND 98 and the K, 96. ^ed. ^ u 

!• The communication network is further shown to include When data Js to be anm*^**™ «J 

a Gateway GPRS Support Node (GGSN) 1*4 and Serving station 12 and the correspondent entity 16, an attach/ 

GPRS Support Node (SGSN) 1«> The GGSN 1*4 and 33 activation procedure, i.e., a log-on procedure, is imple- 

SGSN 106 are logical entities. The GGSN 1<M provides an mented. 

interface towards external data networks, here an external The mobile station 12 must identify itself to the commu- 

data network ltt. The GGSN 104 is operable, for example, mention network 14. To do so, the mobile station 12 trans- 

to translate data formats, signaling protocols and address mils a group identifier signal to the network. The group 

information in order to permit communication between ^ identifier signal is of a value representative of the IMGI 44. 

different networks. The GGSN 104 is further operable for In one embodiment, the group identifier signal further 

purposes of routing to SGSNs, such as the SGSN 106, to includes the destination address 48. To uniquely identify the 

perform protocol conversions, and interrogations of data mobile station 12 for purposes of immediate communication 

from the GPRS register 82 over a shared packet data channel, a random identifier, here 

The SGSN 106 provides, for example, for packet routing 45 * ran<tom temporary ^^^.^f^^^^ 

of packet data to a^d from a sertfcTarea of &Tnode 106. a portion of me ^oup identifier signal The ^(^TLLIis, 

signaling exchanges with the MSC/VLR 72. and GPRS &r stance, stored in a storage 

reSstex 82. and control, monitoring, and parameter storage ckmcnt 32 or is ^T™ 

functions related to packet data mobile stations, such as the 24. Transmission of the random TLU pernyts. for a par- 

Se station 12. M illustrated in the Figure, the service 50 ticular cc^iuii^ 

n~£c im imd 1 106 cocoled toother bv wav of a ally identified until the mobile station is assigned a TLLI by 

and 114 extending to the backbone network 108. Additional nicaUon network 14 with the permanent identity of the 
support nodes, such as a GGSN 116 and a SGSN 118 are mobile station IX 

further illustrated to be coupled to the backbone network 55 A random TLLL * not accessary * attach/activation 
108, such couplings indicated by the lines 122 and 124, procedure uses a conventional, dedicated GSM signaling 
respectively. Additional service nodes can additionally be channel. 

represented and analogously coupled together, also to form The use of random TLLIs for IMSI-based mobile stations 
portions of tbe communication network 14. during the initial part of GPRS attach and routing area 

Exemplary operation of an ernbodiment of the present 60 updating over a shared packd t data channel has been pro- 
mvTnZ^Taescribed with respect primarily to the posed in ETSI GPRS SMG2/3 ad hoc Tdoc 95G087 and 
anonymous transfer of packet data, such as that described Tdoc 132/96. The documents also discuss handling of the 
with respect to the GPRS Stage 1 Service Description, GSM inherent risk of random TLLI collision. 
02.60, M3.0. Section 5.4.4. Such description defines a First by allocating a sufficiently large number of bits for 
requirement for an anonymous access (AA) service, permit- 65 a random TLLI (22 bits for the random part proposed in said 
ting anonymous mobile-originated (MO) packet transfer to documents, but more bits may be allocated if required), the 
a predetermined destination address. It should be probability of two or more mobile stations in the same 
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SGSN area choosing the same random TLLI during the very and an individual temporary IP address, or more generally, 

short period of time a random TLLI is used (a few seconds) a temporary network layer identity, 

can be made extremely low. In addition, a temporary IMSI may be allocated in order 

In the rare event of a random TLLI collision, the collision t0 facilitate similar handling in the network as for an 

resolution rules suggested in Tdoc 132/96 may be used 5 individual MSI subscriber. 

These rules are based on aborting and restarting a signaling SGSN and GGSN contexts arc established and maintained 

message sequence with a new random TLLI if a received for mobile stations, including the mobile station 12. in 

message does not correspond with the expected message at manners sMar to those conventionally esta^shed and 

a given point in a message sequence or in a given context. maintained in a GPRS system for an mdm^al IMSI-b^ed 

„ . T * in subscriber. In the exemplary embodiment illustrated m FIG. 

However, in me anonymous access case, Ae means for 10 x ^ co^unclutes, inter alia, subscriber data, 

context-based collision resolution is more limited as no ^duding the IMGI, optional predefined IP addresses of 

IMSI-reiated information, unique for each mobile station, destinations, a temporary IP address, aTLLL aK^a mobile 

can be used. In one embodiment of the invention an Inter- station state and cell/routing area location. The SGSN and 

national Mobile Station Equipment Identity (IMEI) is pro- GGSN contexts permit the mobile station 12 to be posi- 

vided by the mobile station in ciphered form (in a later stage 15 tioned at any location within the area encompassed by the 

of the attach procedure when a ciphering key has been communication network to communicate data therethrough, 

established) as a means for context-based collision resolu- Thereafter, communication of data between the mobile 

tion. In yet another embodiment of the invention, the fol- station 12 and a correspondent entity 16 by way of the 

lowing complementary method is employed. The SGSN communication network 14 can be performed. When packet 

monitors the random TLUs received and currently in use at 20 data to be transmitted pursuant to GPRS provided by the 

the SGSN (during the short initial part of anonymous attach communication network 14 is generated at the mobile sta- 

procedures currently in progress). If a random TLLI is tion 12. transmission by way of the communication network 

received which is already currently in use, the SGSN 14 to me correspondent entity 16 is jjennitted, pursuant to a 

responds with an abort message to the cell from which the selected packet data protocol in conventional fashion. The 

random TLU was received. This causes the mobile stations 25 allocation c f a temporary network layer identity and the 

receiving the abort message to make a new attempt with a establishment and maintaining of SGSN and GGSN routing 

new random TLLL contexts permit two-way communication between the 

Indications of the group identifier signal received at the mobile station 12 and the correspondent entity 16. In the 

base station 62 are forwarded, in conventional manner, to the case of the IP protocol, mis includes reliable transmission 

SGSN 1*6 (or appropriate MSC/VLR 72). control protocol (TCP) communication. Reliable two-way 

A triplet is fetched by the SGSN 106 (or appropriate communication should be especially useful for road toll and 

MSC/VLR 72). The triplets are values of the RAND 98, the other applications involving electronic payments, 

ciphering key 102* and the SRES 100. The value of the If the IMGI group subscription includes one or more 

RAND 9$ is allocated in a manner to be unique within the 35 predefined destination address (IP address 48 and 93 in FIG. 

group of mobile stations identified by the IMGI 94. And, the i), data transfers initiated by the mobile station 12 are 

SRES 100 is, as mentioned previously, calculated responsive screened with respect to the predefined destination address* 

to values of the RAND 98 and the K, 96. either in the mobile station (IP address 48) or in the network 

Once fetched, the SGSN 106 causes the retrieved value of (TP address 93). 

the RAND 98 to be transmitted to the mobile station 12 by ^ The access provided to the mobile station 12 does not 

way of the base station 62 as part of a network-coded signaL require identification of the mobile station with a permanent 

The network-coded signal is generated through operation of identifier unique to the mobile station. Instead, anonymous 

the various elements of the network 14. The controller 24 access is provided to the mobile station 12 responsive to the 

also calculates the value of the SRES and also a value of an IMGI 44 which merely identifies the mobile station 12 as a 

encryption key, with algorithms in the same manner as 45 member of a group of mobile stations. To the communica- 

the manners by which the SRES 100 and 102 are tion network* the actual, or permanent, identity of the mobile 

calculated. Here, though, the values calculated at the mobile station 12 is not known. Depending upon the particular 

station 12 are calculated responsive to the value of the application* data provided by the mobile station 12 to the 

RAND 98 transmitted to the mobile station and to the value correspondent entity 16 may uniquely identify the mobile 

of Ki 46 stored at the memory element 38. ^ station 12 to the correspondent entity 16. Such an identifi- 

Once the value of the SRES is calculated at the mobile cation is, however, pursuant to an end-to-end application 

station, a mobile station-coded signal indicative of the SRES layer which is transparent to the communication network 

is generated and transmitted back to the communication Ciphering of data between the mobile station and the cor- 

network 14. Indications of such signal are provided to the respondent entity can also be performed on such an end-to- 

SGSN 106. and a comparison is made with the SRES 100, 55 end application layer for security purposes, 

previously calculated at the AUC 84 and stored and fetched Movement of the mobile station 12 anywhere throughout 

as part of the triplet, described above. an area encompassed by the communication network 14 is 

If the mobile station-calculated value of the SRES corre- permitted in manners analogous to those otherwise permit- 

sponds with the value of the SRES 100, the mobile station ted in a GPRS communication network and the components 

12 is authenticated and is provided access to the communi- 60 of the communication network 14 are operable in similar 

cation network 14. Thereafter, additional communications such analogous manners responsive to such movement 

between the mobile station and the communication network Analogously, intra- and inter-SGSN cell/routing area updat- 

are ciphered, as required, using the ciphering keys calculated ing procedures are analogous to corresponding procedures 

at the mobile station 12 and the fetched value of the utilized for updating of a conventional IMSI-based GPRS, 

ciphering key 102 fetched from the authentication center 65 point-to-point service subscriber. 

Under protection of ciphering with the SGSN alio- In the above-described procedure, once the mobile station 

cates to the MS (from dynamic pools) an individual TLU 12 is provided access to communicate by way of the 
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communication network 14, communication of data can be network 14. The data provided by the mobile stations 12 
initiated either by the mobile station 12 or the correspondent includes, for example, positional, directional, and speed 
entity 16. If, however, communication of data, in the form information related to the vehicles 156 at which the mobile 
of a packet exchange sequence between the mobile station stations arc positioned. Responsive to such information, the 
and a correspondent entity, is always initiated by the mobile 5 traffic control center implements traffic control operations, 
station, mobility management required of the communica- For instance, the traffic control center 158 can be caused to 
tion network can be simplified. For instance, when a packet selectively alter the sequencing and functioning of traffic 
exchange sequence is terminated and the mobile station 12 lights along a roadway, thereby to alleviate traffic conges- 
returns to a stand-by state, e.g., when an active state timer tion. Because of the anonymous access granted to the mobile 
expires, the mobile station 12 may be regarded as not 1Q stations 12, and. hence, me users or owners of the vehicles 
accessible for mobUe-texininated (NTT) traffic A subsequent in which the mobile stations are positioned, the privacy of 
MT packet is thereafter rejected by (he SGSN. There is then the users or owners of the vehicles is assured, 
no nod for routing area updating or for paging while the FIG. 3 illustrates j another Jtraffic telematics apphcaUon^ 
mobile station is in the sta^state. Bef^ubsequently here shown generally at 171 Again, vehicuto-rnounted 
initiating a new packet exchange sequence, the mobile 15 mobile stations 12 are mounted m vducles 156 (one such 
miuaang o u ™ ^^*^™* 1W wW Tn th* 15 vehicular-mounted mobile station 12 and oac such vehicle 
station 12 must ^perform a routing area update Intfae mustratcd m mc Flgurc ). As the vehicle 156 at which 
event of an i*er ; SGSN ^^^-^^ me ^fl c station 12 isSed passes through a tolling 
dures for reestablishment of SGSN and GGSN contexts are $ ^ me mMlc station n arc detected 
then performed. Such a simplified mobility management j~ tne^mrminication network 14. Indications of such 
process can either be an inherent part of an anonymous ^ rcccption m provided to a tolling control center 176. The 
access service, or, instead, be a subscription option. informational content of the signals generated by the mobile 
As described in the above procedures, security is station 12 permits toll fees to be paid electronically, e.g., 
provided, both in the authentication requirement requiring based upon coding of a smart card. Indications of the mobile 
that the mobile station 12 be authenticated as a member of station's permanent identity may, optionally, depending 
a group which is authorized to communicate by way of the ^ upon me payment metbod, be provided to the tolling control 
communication network and also in the ciphering of data center on an end-to-end application layer transparent to the 
communicated between the mobile station and the commu- communication network The anonymity of the mobile sta- 
nication network. In the authentication procedure, as tion to the communication network is thereby preserved 
described above, a single authentication key, K,, common to while, utilizing the previously described process, the mobile 
the group of mobile stations 12 belonging to the group ^ station 12 is authenticated by way of a group identifier, such 
identified by the IMGI 44 and 94 is utilized. Also, an as the aforementioned MGL 

individual RAND 98 value and a ciphering key, for each FIG. 4 illustrates a method, shown generally at 182, of an 

mobile station 12 in the group is further utilized. The value embodiment of the present invention. The method initiates 

of the RAND 98 and the K„ associated therewith may be data transmission in a communication system having a 
renewed, for example, in connection with routing area 35 communication network for effectuating communication 

updating. Such a procedure provides the same level of between at least a first communication station, such as the 

protection utilized in a conventional GPRS communication mobile station 12, and a correspondent entity, such as the 

sy stem against a third party lacking a knowledge of the value correspondent entity 16 (shown in FIG. 1). The first com- 

of the authentication key, K,. Additional secured protection munication station is a group-identified communication sta- 
between, for example, individual members of the same ^ tion of a group of communication stations. Each group- 

IMGI group of mobile stations can be provided by providing identified communication station of the group is identified 

additional end-to-end ciphering between the mobile station by a group identifier. The following method steps shall be 

12 and the correspondent entity 16 on an application level. described with respect to the exemplary embodiment shown 

The present invention can alternatively employ other in FIG. 1. Analogous embodiments may similarly be 
ciphering methods such as the one used in the Cellular 45 described and illustrated. 

Digital Packet Data system, described in the CDPD System First, and as indicated by the block 184. the IMGI 44 is 

Specification, Release 1.1. In one embodiment after SRES provided to the communication network 14. Then, as indi- 

is received by the network, Le., after authentication, instead cated by the block 186, network-generated SRES I** and 

of using a ciphering key based on RAND and K,, one or RAND 98 values are accessed. Such values are formed, in 
more ciphering keys are exchanged between the network 50 the embodiment of FIG. 1, responsive to values of the IMGI 

and the mobile station. In another embodiment, ciphering 94 and me K, 182 and can be pre-calculated pre-storcd in 

keys are exchanged between the network and the mobile one embodiment of the present invention, 

station as a first part of an anonymous attach procedure. Thereafter, and as indicated by the block 188, the 

Again, once the ciphering keys have been exchanged, sub- network-generated RAND is sent to the mobile station 12. 
sequent exchanges between the mobile station and the 55 Responsive to reception of the RAND 98 at the mobile 

network are in ciphered form, ciphered, as required, by the station, a mobile station-generated SRES value is formed, 

ciphering keys. In the latter embodiment this means that the The network- and mobile station-generated SRES values are 

authentication procedure, including transmission of IMGI compared, as indicated by the block 194. Then, as indicated 

and RAND, can then be performed in ciphered mode. by the decision block 196, a determination is made as to 

These two alternative ciphering embodiments may pro- 60 whether the values are substantially similar. If not, access to 

vide enhanced security between different mobile stations the communication network is denied, as indicated by the 

belonging to the same IMGI group. block 198. If me values are substantially similar, the yes 

FIG. 2 illustrates a traffic telematic system, shown gen- branch is taken from the decision block 196 to the block 282 

eralry at 152. An embodiment of the present invention is and access of mobile station to communicate by way of the 
utilized to communicate data generated at vehicular- 65 communication network 14 is provided. Thereafter, and as 

mounted mobile stations 12 mounted in vehicles 156 to a indicated by the block 204, data is transferred, as appropri- 

trafl&c control center 158 by way of a communication ate. 
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Id another embodiment of the invention, anonymous 
access to conventional circuit-switched GSM (or similar 
cellular system) data services are provided, analogously 
with the above outlined principles for anonymous access to 
GPRS. The. service provided is an anonymous mobile origi- 
nated (MO) data call service. In this embodiment, a group 
identified mobile station would be allocated a Temporary 
Mobile Station Identity (TMSI) in a conventional manner, 
instead of a TLU in the GPRS case. Authentication at call 
set-up would be based on the group subscriber authentica- 
tion key. As only MO calls are supported, the mobility 
management procedures may be simplified compared to 
those conventionally used for IMSI-based mobile stations. 
Thus, a mobile station only needs to perform location 
updating periodically and, as required, before initiating a 
data 

Operation of an embodiment of the present invention 
provides a communication station, such as the mobile station 
12, with anonymous access to a communication network, 
such as the communication network 14, to communicate 
data therein. Access is provided to a communication station 
only after authenticating mat the communication is autho- 
rized to communicate in the network, but access is provided 
without individually identifying the communication station 
to the network with a permanent identifier unique to the 
communication station. 

The previous descriptions are of preferred examples for 
implementing the invention, and the scope of the invention 
should not necessarily be limited by this description. The 
scope of the present invention is defined by the following 
claims. 

What is claimed is: 

1. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 35 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network in which said anonymous trans- 
fer the telecommiinicarion network is required to authenti- 
cate the mobile station's membership in the group but 40 
inhibited from learning the specific personal identity of the 
authenticated mobile station transferring the data, said 
method comprising the steps of: 
forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key in 
which the group identity and group authentication key 
are to be shared in common by every mobile station in 
the group; 

providing a copy of the group identity and the authenti- 
cation key to each and every mobile station of the at 
least one group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 5S 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing and not including any indicia of identity 
from which the telecommunication network can ascer- 
tain the specific personal identity of the mobile station 
sending the attach request; 

allocating to the requesting mobile station a network- 
generated random number responsive to the attach 
request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part 
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responsive to the common group authentication key 
provided to the requesting mobile station and the 
network generated random number, 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the telecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the common group authentication 
key and the network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating to the mobile stationin response to said com- 
pared signed responses being identical, an individual 
temporary mobile station identifier from which the 
tdecommunication network cannot ascertain the spe- 
cific personal identity of the mobile station; 

transferring the data between the mobile station through 
the network and the correspondent entity; and 

performing location management procedures. 

2. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telccommu ni ration system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key. said 
group identity being associated with at least one autho- 
rized destination address to which the data is to be 
transferred from mobile stations belonging to the 
group; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommn ni cation network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part 
responsive to the authentication key and the network- 
generated random number, 

sending the mobile station-generated signed response to 
the telecommu nication network; 

calculating at the telecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data from the mobile station wherein said 
step of transferring the data comprises transferring to 
the at least one authorized destination address, through 
the network and the correspondent entity; and 

performing location management procedures. 
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3. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
packet data between a mobile station of the at least one 
group of mobile stations and a correspondent entity by way 
of a telecommunication network, said method comprising 
the steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure comprising choosing at the 
mobile station a random temporary logical link identity 
to temporarily, uniquely identify the mobile station 
across a shared data packet channel in a signaling 
exchange with the tdecommunication network, until 
the mobile station is allocated a network-generated 
temporary logical link identity by the network; the 
attach procedure also including an attach request sent 
by a mobile station of the group to the telecommuni- 
cation network, the attach request including the group 
identity provided to each mobile station of the at least 
one group during said step of providing, and wherein 
the network identifies the mobile station across the 
shared packet data channel with the random temporary 
logical link identity until a network-generated tempo- 
rary logical link is generated; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number, 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the tdecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number, 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier comprising a temporary logi- 
cal link identity if comparisons performed during said 
step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures. 

4. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 55 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
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the group to the tdecornmunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number, 

calculating a ciphering key from the authentication key 
and the network-generated random number at both the 
mobile station and the network; 

storing the ciphering key; 

sending the mobile station-generated signed response to 

the tdecomrriunication network; 
calculating at the telecornmuni cation network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 
comparing the mobile station-generated signed response 

with the network-generated signed response; 
allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 
transferring the data between the mobile station, through 

the network and the correspondent entity ; and 
performing location management procedures, wherein the 
steps of allocating the mobile station with the indi- 
vidual temporary mobile station identifier, transferring 
the data, and perfonning the location management 
procedures comprise tiphering and deciphering trans- 
missions pursuant thereto. 
5. A method of for providing anonymous data transfer 
service to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the tdecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request to provide 
a unique ciphering key for each mobile station in a 
group identity group; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part 
responsive to the authentication key and the network- 
generated random number, 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the tdecommunication network a network- 
generated signed response calculated, also at least in 
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part, responsive to the authentication key and the 
network-generated random number, 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures. 

6. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the telecommunication network a network- 40 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 45 

allocating the mobile station with an individual temporary 
mobile station identifier by allocating to the mobile 
station a network layer identity if comparisons per- 
formed during said step of comparing are of selected 
values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures, wherein 
data transfers performed during said step of transferring 
the data and location management procedures per- 
formed during said step of performing the location 
management procedures further comprise perfonning 
data transfers from the correspondent entity to the 
mobile station and associated location management 
procedures, as a manner to allow two-way communi- 
cation between the mobile station and the correspon- 
dent entity. 

7. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
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mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the tdecommurrication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the tdecommunicati on network a network- 
generated signed response calculated also at least in 
part responsive to the authentication key and the 
network-generated random number, 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating, by the network, the mobile station with an 
individual temporary mobile station identifier, compris- 
ing a temporary international mobile subscriber iden- 
tity in order to facilitate similar handling in the network 
as per non-anonymous mobile subscribers if compari- 
sons performed during said step of comparing are of 
selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures. 

8. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecornmunication system to permit anonymous transfer of 
packet data between a mobile station of the at least one 
group of mobile stations and a correspondent entity by way 
of a telecommunication network, said method comprising 
the steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part 
responsive to the authentication key and the network- 
generated random number; 
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sending the mobile station-generated signed response to 

the telecommunication network; 
calculating at the telecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number, 
comparing the mobile station-generated signed response 

with the network-generated signed response; 
allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 
transferring the data between the mobile station, through 

the network and the correspondent entity; and 
performing location management procedures, when the 
packet exchange sequence between the mobile station 
and a correspondent entity is always initiated by the 
mobile station, comprising the steps of: 
performing location updating by the mobile station only 
during periods of active packet exchange sequences; 
rejecting, at the network, an attempt to transfer a packet 
to the mobile station during the periods extending 
between active packet exchange sequences; and 
initiating at the mobile station a new packet exchange 
sequence with an explicit or implicit location update. 
9. A method for providing anonymous data transfer ser- 
vice to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the telecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; 
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identifying the mobile station to the correspondent entity 
on an end-to-end application layer; and 

performing location management procedures. 

10. A method for providing anonymous data transfer 
service to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network; said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecornmunication network; 

calculating at the tdecornmuni cation network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number, 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; 

providing ciphering between the mobile station and the 
correspondent entity on an end-to-end application 
layer, and 

performing location management procedures. 

11. A method for providing anonymous data transfer 
service to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 
providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 
mobile station of the at lease one group during said step 
of providing; 
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allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number, 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the tdecommnnicatioo network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number, 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity and charging 
therefor based on the group identity; and 

performing location management procedures. 

12. A method for providing anonymous data transfer 
service to at least one group of mobile stations in a mobile 
telecommunication system to permit anonymous transfer of 
circuit-switched data between a mobile station of the at least 
one group of mobile stations and a correspondent entity by 
way of a telecommunication network, said method compris- 
ing the steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecommunication network, the attach 
request including the group identity provided to each 40 
mobfle station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 45 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the tdecommuni cation network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the artwork-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity by originating 
circuit-switched data calls at the mobile station; and 

performing location management procedures. 

13. The method of claim 12 wherein said step of per- 
forming location management procedures comprises the 
steps of: 
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performing location updating by the mobile station only 
periodically and, as required, before initiating at the 
mobile station a new data call; and 

rejecting at the telecommunication network an attempt to 
establish a mobile -terminated call. 

14. A method for providing anonymous data transfer 
service to at least one group of mobile stations in a mobile 
tdecommuni cation system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommunication network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 

initiating an attach procedure, the attach procedure 
including an attach request sent by a mobile station of 
the group to the telecomraunicatioa network, the attach 
request including the group identity provided to each 
mobile station of the at least one group during said step 
of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the tdecoinmunication network; 

calculating at the tdecommuni cation network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

exchanging at least one ciphering key between the mobile 
station and the network, if comparisons performed 
during said step of comparing are of selected values; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures. 

15. The method of claim 14 wherein communications 
between the mobile station and the network during said steps 
of allocating the mobile station with the individual tempo- 
rary mobile station identifier, transferring the data, and 
performing location management procedures are ciphered 
with the at least one ciphering key exchanged during said 
step of exchanging. 

16* A method for providing anonymous data transfer 
service to at least one group of mobfle stations in a mobile 
telecommunication system to permit anonymous transfer of 
data between a mobile station of the at least one group of 
mobile stations and a correspondent entity by way of a 
telecommu nicatio n network, said method comprising the 
steps of: 

forming the at least one group of mobile stations, the at 
least one group defined by a group identity and an 
associated group subscriber authentication key; 

providing a copy of the group identity and the authenti- 
cation key to each mobile station of the at least one 
group; 
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initiating an attach procedure by exchanging at least one 
ciphering key between fee mobile station and the 
network, and then sending an attach request from the 
mobile station to the telecommunication network, the 
attach request including the group identity provided to 
each mobile station of the at least one group during said 
step of providing; 

allocating to the mobile station a network-generated ran- 
dom number responsive to the attach request; 

calculating at the mobile station a mobile station- 
generated signed response of a value, at least in part, 
responsive to the authentication key and the network- 
generated random number; 

sending the mobile station-generated signed response to 
the telecommunication network; 

calculating at the telecommunication network a network- 
generated signed response calculated, also at least in 
part, responsive to the authentication key and the 
network-generated random number; 

comparing the mobile station-generated signed response 
with the network-generated signed response; 

allocating the mobile station with an individual temporary 
mobile station identifier if comparisons performed dur- 
ing said step of comparing are of selected values; 

transferring the data between the mobile station, through 
the network and the correspondent entity; and 

performing location management procedures. 

17. The method of claim 16 wherein communications 
between the mobile station and the network during a portion 
of the step of initiau' ng the attach procedure during which the 
group identity is sent to the telecommunication network, and 
(hiring said steps of allocating to the mobile station a 
network-generated random number, sending the mobile 
station-generated signed response, allocating the mobile 
station with an individual temporary mobile station 
identifier, transferring the data, and performing location 
management procedures arc ciphered with the at least one 
ciphering key exchanged during said step of exchanging. 

18. a method for initiating data transmission in a com- 
munication system having a communication network for 
effectuating anonymous communication between at least a 
first communication station and a correspondent entity prior 
to which the network is required to authenticate the com- 
munication station and inhibited from learning the specific 
personal identity of the communication station, the first 
communication station being a group-identified communi- 
cation station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier which is common to all 
of the members of the group, said method comprising the 
steps of: 

providing a common group identifier signal to the com- 
munication network, the group identifier signal of a 
value representative of at least the group identifier and 
not including any indicia of identity from which the 
communication network can ascertain the specific per- 
sonal identity of the first communication station; 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 
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forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

comparing the first network-coded signal with the first 
station-coded signal; and 

authorizing initiation of transmission of data between the 
first communication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing. 

19. A method for initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

transmitting a group identifier signal from the first com- 
munication station to the communication network, the 
group identifier signal being of a value representative 
of at least the group identifier, 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

comparing the first network-coded signal with the first 
station-coded signal; and 

authorizing initiation of transmission of data between the 
first communication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing. 

20. A method for initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified coinniunication 
station of a group of group-identified cornmunlcation 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier; 
accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing, said first network-coded signal 
being formed by altering the second network-coded 
signal with an authentication code associated with the 
group identifier; 
sending the second network-coded signal accessed during 
said step of accessing, to the first cornmunication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 
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comparing the first network-coded signal with the first 

station-coded signal; and 
authorizing initiation of transmission of data between the 

first communication station and the correspondent 

entity responsive to comparisons p e rf ormed during said 

step of comparing. 

21. A method for initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified c om mu n ication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier, 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending 
by altering the second network-coded signal with an 
authentication code associated with the group identi- 
fier. 

comparing the first network-coded signal with the first 

station-coded signal; and 
authorizing initiation of transmission of data between the 

first communication station and the correspondent 

entity responsive to comparisons performed during said 

step of comparing. 

22. A method for initiating data transmission in a com- 
munication system having a commum'cation network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier; 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

transrnitting the first station-coded signal to the commu- 
nication network; 

cornparing the first network-coded signal with the first 65 
station-coded signal at the communication network; 
and 
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authorizing initiation of transmission of data between the 
first communication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing. 

23. A method far initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified cozrununication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier; 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

coniparing the first network-coded signal with the first 
station-coded signal; and 

authorizing initiation of transmission of data between the 
first c ommunic ation station and the correspondent 
entity responsive to the first network-coded signal 
substantially corresponding to the first station-coded 

signal . 

24. A method for initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier; 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

comparing the first network-coded signal with the first 
station-coded signal; 

authorizing initiation of transmission of data between the 
first cojnrnunication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing; and transmitting data from the first 
communication station to the correspondent entity. 

25. A method for initiating data packet transmission in a 
communication system having a communication network 
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for effectuating communication between at least a first 
communication station and a correspondent entity, the first 
communication station being a group-identified communi- 
cation station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing die steps of: 
providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier, 
accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 
sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

comparing the first network-coded signal with the first 
station-coded signal; and 

authorizing initiatton of transmission of data formatted 
according to a connectionless protocol between the first 
communication station and the correspondent entity 
responsive to comparisons performed during said step 
of comparing. 

26. A method far initiating data transmission in a com- 
munication system having a communication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 
storing an authentication code associated with the group 

identifier at a storage location of the communication 

network; 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier, 

accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 

sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 

comparing the first network-coded signal with the first 
station-coded signal; and 

authorizing initiation of transmission of data between the 
first communication station and the correspondent 
entity responsive to comparisons performed during said 60 
step of comparing. 

27. The method of claim 26 wherein said step of storing 
further comprises storing a destination address associated 
with the group identifier, the destination address identifying 
a correspo ndent entity to which the data is to be transmitted. 

28. A method for initiating data transmission in a com- 
munication system having a communication network for 



effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified communication station of the 
group identified by a group identifier, said method compris- 
ing the steps of: 

storing a first network coded signal and a second network 
coded signal at a storage location of the communication 
network; 

providing a group identifier signal to the communication 
network, the group identifier signal of a value repre- 
sentative of at least the group identifier ; 
accessing at least the first network coded signal and the 
second network-coded signal responsive, at least in 
part, to a value corresponding to the group identifier 
signal provided to the cornmiinicatioo network during 
said step of providing; 
sending the second network-coded signal accessed during 
said step of accessing, to the first cornmunication 
station; 

forming a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 
comparing the first network-coded signal with the first 

station-coded signal; and 
authorizing initiation of transmission of data between the 
first cornmunication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing. 
29. A method for initiating data transmission in a com- 
munication system having a cornmunication network for 
effectuating communication between at least a first commu- 
nication station and a correspondent entity, the first com- 
munication station being a group-identified communication 
station of a group of group-identified communication 
stations, each group-identified cornmunication station of the 
group identified by a group identifier, said method compris- 
40 ing the steps of: 

providing a group identifier signal to the communication 
network, the group identifier signal being of a value 
which temporarily uniquely identifies the first cornmu- 
nication station; 
accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part to a value corresponding to the group identifier 
signal provided to the communication network during 
said step of providing; 
sending the second network-coded signal accessed during 
said step of accessing, to the first communication 
station; 

fanning a first station-coded signal at the first communi- 
cation station responsive to reception of the second 
network-coded signal sent during said step of sending; 
comparing the first network-coded signal with the first 

station-coded signal; and 
authorizing initiation of transmission of data between the 
first cornmunication station and the correspondent 
entity responsive to comparisons performed during said 
step of comparing. 
39. In a communication system having a cornmunication 
network for effectuating cornmunication between at least a 
first communication station and a correspondent entity, the 
first communication station being a group-identified com- 
munication station of a group of group-identified commu- 
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ni cation stations, each group-identified communication sta- 
tion of the group identified by a group identifier, an 
improvement of apparatus for initiating data transmission, 
the data transmission being initiated only after the first 
communication station has been authenticated as a member 5 
of the group and without the communication network being 
able to specifically identify the first communication station, 
said apparatus comprising: 
a group identifier signal generator positioned at the first 
communication station, said group identifier signal 10 
generator for generating a group identifier signal of a 
value representative of at least the group identifier and 
not including any indicia of identity from which the 
communication network can ascertain the specific per- 
sonal identity of the first communication station and for 1 5 
transmitting the group identifier signal to the commu- 
nication network; 
a network-coded signal accessor and transmitter posi- 
tioned at the connnunication network, said network- 
coded signal accessor and transmitter for accessing at 20 
least a first network coded signal and a second network- 
coded signal responsive, at least in part, to the group 
identifier signal transmitted to the communication net- 
work by said group identifier signal generator and for 
transmitting the second network-coded signal to the 23 
first communication station; 
a station-coded signal generator positioned at the first 
communication station, said station-coded signal gen- 
erator for forming a first station-coded signal respon- ^ 
sive to reception of the second network-coded signal at 
the first communication station; 
a comparator coupled to receive indications of the first 
network-coded signal and the first station-coded signal, 
said comparator for comparing values of the first 35 
network-coded signal and the first station-coded signal 
and for selectively authorizing initiation of transmis- 
sion of the data between the first communication station 
and the correspondent entity responsive to comparisons 
performed thereaL 40 
31. In a communication system having a communication 
network for effectuating communication, an improvement of 
a first communication station, said first communication 
station for communicating with the communication network 
and being a group-identified communication station of a 45 
group of group-identified commiinication stations, each 
group-identified communication station of the group iden- 
tified by a common group identifier, said first communica- 
tion station comprising: 
a group identifier signal generator for generating a group 50 
identifier signal of a value representative of at least the 
group identifier and not including any indicia of iden- 
tity from which the communication network can ascer- 
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tain the specific personal identity of the first commu- 
nication station, said generator also transmitting the 
group identifier signal to the communication network; 
a receiver for receiving communication network- 
generated response signals generated by the commu- 
nication network responsive to transmission to the 
communication network of the group identifier signal 
by said group identifier signal generator, and 
a station-coded signal generator coupled to receive indi- 
cations of the communication-network generated 
response, said station-coded signal generator for form- 
ing a first station-coded signal responsive to reception 
of a second network-coded signal at the first commu- 
nication station. 
32. Communication network apparatus for effectuating 
anonymous communication between at least a first commu- 
nication station and a correspondent entity following authen- 
tication of said first communication station and in which said 
network apparatus and correspondent entity are inhibited 
from learning the specific personal identity of the at least 
first communication station, the first communication station 
being a group-identified communication station of a group 
of group-identified communication stations, each group- 
identified communication station of the group identified by 
a common group identifier, said communication network 
apparatus comprising: 

a receiver coupled to receive communication-station gen- 
erated signals generated by the first communication 
station, the communication station-generated signals 
including at least a group identifier signal and a first 
station-coded signal the group identifier signal of a 
value representative of at least the group identifier and 
not including any indicia of identity from which the 
communications network can ascertain the specific 
personal identity of the first communication station; 
a network-coded signal accessor and transmitter for 
accessing at least a first network coded signal and a 
second network-coded signal responsive, at least in 
part, to the group identifier signal received by said 
receiver and for transmitting the second network-coded 
signal to the first communication station; and 
a comparator coupled to receive indications of the first 
network-coded signal and the first station-coded signal, 
said comparator for comparing values of the first 
network-coded signal and the first station-coded signal 
and for selectively authorizing initiation of transmis- 
sion of the data between the first communi cation station 
and correspondent entity responsive to comparisons 
performed thereat 
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